butlincat's blog - a blog...a seeker of the truth

“As long as justice is postponed we always stand on the verge of these darker nights of social disruption...so said Martin Luther King Jr. in a speech on March 14, 1968, just three weeks before he was assassinated.

...hello + welcome!

FAIR USE NOTICE: This site may contain copyrighted (© ) material. Such material is made available to advance understanding of ecological, political, human rights, economic, democracy, scientific, moral, ethical, and social justice issues. This constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, this material is distributed for analysis, commentary, educational and intellectual purposes. In some cases comedy and parody have been recognized as fair use - Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License..... For more information please visit: http://www.law.cornell.edu/uscode/text/17/107

This blog is for regular updates + info connected to the ILLUMINATI, 911, 7/7, recent UFO sightings, CHEMTRAILS, MORGELLONS [98% OF WORLDS POPULATION HAS MORGELLONS DISEASE, they claim - see "Morgellons & SmartDust Infect Individuals to be Tracked via Satellite" https://www.youtube.com/watch?v=Baua4QzgAjc - MIND CONTROL {MK ULTRA, MANNEQUIN etc.}, ELECTRONIC SURVEILLANCE, JOHN LEAR, ALEX COLLIER, PROJECT CAMELOT, PROJECT AVALON, MICHAEL TSARION, JORDAN MAXWELL, PRESTON NICHOLS, AL BIELEK, STEWART SWERDELOW, DUNCAN CAMERON, WILLIAM COOPER, PHIL SCHNEIDER, David Wilcock, FRITZ SPRINGMEIER, BILLY MEIER, MAX IGAN, STEW WEBB, "Democracy Now!", Henry Makow, Linda Moulton-Howe, Dan Burisch, Webster Tarpley, Brother Nathanael, Timothy Good, Miles Johnson, Jim Marrs, John Hutchison, Wikileaks, Julian Assange #FreeAssange #FreeManning #FreeHammond, Dr. John Hall, Edward Snowden, Vladimir Putin, John Lennon, Bob Zimmerman [Dylan], award winning journalist John Pilger's site is www.johnpilger.com + many more who can only be described as heroes...

Like many, this site is shadowbanned, as daily viewing figures prove since March 2018, when before then the figures were 10 times as much as they are since [from approx. 5000 views per day to 500]: "Shadowbanning" is the "act of blocking or partially blocking a user or their content from an online community" - see more: What is "shadowbanning - truther sites are often targeted:

NewsGuard Launches War on Alternative Media ...

Targeted? victimised?...been dealt "rough justice"? see more: VICTIMS OF THE STATE https://butlincat.com/

my Twitter: http://www.twitter.com/butlincat

my Facebook: https://www.facebook.com/butlin.cat.9

"Do not be deceived, God is not mocked; for whatever a man sows, this he will also reap" Galatians 6:7

......Namaste.....John Graham - butlincat

Jai guru deva om जय गुरुदेव ॐ ... peace!

frank zappa: “The illusion of freedom will continue as long as it’s profitable to continue the illusion. At the point where the illusion becomes too expensive to maintain, they will just take down the scenery, they will pull back the curtains, they will move the tables and chairs out of the way and you will see the brick wall at the back of the theater.”

Saturday, 11 November 2017

“Eavesdropper” Flaw Exposes Millions of Call, Texts and Recordings

“Eavesdropper” Flaw Exposes Millions of Call, Texts and Recordings

Eavesdropper is a dangerous new vulnerability identified by researchers from Appthority, an enterprise mobile threat protection firm. According to their findings, the vulnerability has affected about 700 iOS and Android applications so far due to which massive amount of sensitive mobile data has been exposed. Reportedly, millions of calls, voice recordings, and text messages have been exposed. Eavesdropper is being regarded as a serious threat.
Although Eavesdropper was discovered in April according to Appthority’s security experts, it has been around since 2011, and 30 to 33 percent of the affected apps are business related. As Appthority researchers noted that there are a number of important apps such as one of the affected apps is used for initiating secure communication for federal law enforcement agency while another allows recording of audio and annotation of real-time discussions for enterprise sales teams.
“The scope of the exposure is massive including hundreds of millions of call records, minutes of calls and audio recordings, and text messages,” wrote researchers in a blog post.
It is also revealed that applications developed through Twilio service were the main victim of Eavesdropper while the vulnerability is a result of a basic developer error that exposed API credentials of hundreds of applications inadvertently. Apparently, developers didn’t properly follow the guidelines of using Twilio and did not secure credentials and tokens.
Michael Bentley from Appthority wrote that: “By hard-coding their credentials, the developers have effectively given global access to all metadata stored in their Twilio accounts.”
The affected apps have already been downloaded for more than 180 million times, which shows the extent of the threat.
Researchers claim that Eavesdropper manages to expose huge amounts of confidential, private data without relying upon conventional methods like jailbreak, malware or rooting but only through the careless developer error.
“Eavesdropper” Flaw Poses Serious Threat to Enterprise Mobile Data – The data that can be exposed includes call records, minutes of calls, minutes of call audio recordings, SMS and MMS text messages”
The incident highlights the fact that hackers can launch attacks without using sophisticated tools. Moreover, the concerning aspect is that the problem cannot be resolved by deleting the affected app from the device, but the user needs to update credentials and keep them secure. Otherwise, data remains exposed.
Appthority’s security research director Seth Hardy explained that Eavesdropper poses a serious threat to enterprise data because it lets attackers access private and confidential data including details that are never discussed outside the enterprise environment such as pricing discussions, technology disclosure or M&A planning, etc.
“An attacker could convert recorded audio files to text and search a massive data set for keywords and find valuable data,” stated Hardy.
Appthority also claimed that the threat is not limited to apps developed using Twilio service, which means there might be many more affected apps that are yet to be identified.
source: [N.B.: link not working - please copy and paste to view page]   https://www.hackread.com/eavesdropper-flaw-exposes-millions-of-call-texts-and-recordings/